Product
Security update available for Adobe Connect
Release date: November 8, 2016
Vulnerability identifier: APSB16-35
Priority: 3
CVE number: CVE-2016-7851
Platform: Windows
Summary
Adobe has released a security update for Adobe Connect for Windows. This update resolves an input validation vulnerability in the events registration module that could be used in cross-site scripting attacks. Adobe recommends users update their product installation using the instructions provided in the “Solution” Section below.
Affected Versions
|
Affected Versions |
Platform |
Adobe Connect |
9.5.6 and earlier versions |
Windows |
Solution
Adobe recommends customers update the Connect instance to the newest version by following the instructions below.
Note: This issue will be automatically resolved for Connect customers using Adobe's hosted services once the account is upgraded to Connect 9.5.7.
Updated Version |
Platform |
Availability |
||
Adobe Connect |
9.5.7 |
Windows |
3 |
Vulnerability Details
Acknowledgments
Adobe would like to thank Benjamin Kunz Mejri of Vulnerability Laboratory [Research Team] for reporting this issue (CVE-2016-7851) and for working with Adobe to help protect our customers.